package com.adou.d1;

import java.sql.*;

/**
 * Connecttion事务
 */
public class JDBCDemo6_Login {
    public static void main(String[] args) throws Exception {
        // 1.注册驱动
        Class.forName("com.mysql.jdbc.Driver");

        String url = "jdbc:mysql://127.0.0.1/db1?useSSL=false";
        String username = "root";
        String password = "root";
        // 2.获取连接
        Connection conn = DriverManager.getConnection(url, username, password);

        // 3.sql
        String name = "zhangsan";
//        String pwd = "123";
//        String pwd = "dadada" + "' or '1'='1";
        String pwd = "' or '1' = '1";
        String sql = "select * from tb_user where username = ? and password = ?";// 关键字转义

        // 4.获取执行sql对象
        PreparedStatement pstmt = conn.prepareStatement(sql);
        pstmt.setString(1, name);
        pstmt.setString(2, pwd);

        // 5.执行sql
        ResultSet rs = pstmt.executeQuery();
        if(rs.next()) {
            System.out.println("登录成功~");
        } else {
            System.out.println("登录失败~");
        }

        // 释放资源
        rs.close();
        pstmt.close();
        conn.close();

    }
}
